Make "-parameters" enabled by default?

Marcin Zajączkowski m.zajaczkowski at
Thu Mar 25 21:05:09 UTC 2021

On 2021-03-25 21:43, Alex Buckley wrote:
> On 3/25/2021 1:20 PM, Marcin Zajączkowski wrote:
>> TL;TR. JEP 118 has added "-parameters" to Java 8 back in 2014 to
>> have parameter names available at runtime. In 2021, backward
>> compatibility of the bytecode-related tools should not be a big problem,
>> so maybe to simplify the things, it could be enabled by default?
> There was never a compatibility problem with including the
> MethodParameters attribute in a class file, which is what `javac
> -parameters` does.
> The attribute was excluded for reasons of policy, which largely still
> apply. As I wrote in May 2013 when someone asked "JEP-118: Why are
> parameter names not mandatory?" [1]:
> "The bottom line is that for every programmer you please by including
> parameter names by default, you intensely anger another. Some people
> dislike the extra class file size; some dislike the new compatibility
> surface; some regard it as exposing sensitive information."

Thanks Alex for your explanations. I have missed that document.


> [1]
> Quoting from the referenced PDF, now at [2]:
> "Oracle believes the ability to retrieve parameter names at run time
> loses much of its value if parameters are "opted out" of class file
> storage by default, and instead have to "opt in" by some syntactic
> means. Unfortunately, the static and dynamic footprint of storing
> parameter names will be an unwelcome surprise for many class file
> producers and consumers. Also, storing parameter names by default means
> that new information will be exposed about security-sensitive methods,
> e.g. parameter names like `secret` or `password`. In light of these
> concerns, Oracle in Java SE 8 will consider parameter names as "opted
> out" of class file storage by default."
> [2]
> Alex

More information about the jdk-dev mailing list